1. Technical Field
The present invention relates to a long-term signature terminal, a long-term signature server, a long-term signature terminal program, and a long-term signature server program, and, for example, to a technique for creating long-term signature data.
2. Background Art
In order to certify that electronic data has not been falsified (authenticity), an electronic signature is widely used, in which electronic data is encrypted with a secret key to perform the electronic signature, and the electronic data is then decrypted with a public key corresponding to the secret key to verify the electronic signature.
When electronic data is decrypted with the public key, it can be confirmed that the electronic data was encrypted with the secret key corresponding to that public key. Since the signatory has the secret key, it can be certified that the electronic data was generated by the signatory. For example, the secret key functions as a seal, and the public key functions as a certificate of the seal.
The public key is distributed by a public key certificate which is issued by a certificate authority, and when the public key is distributed, the authenticity of the public key can be confirmed by the certificate.
Meanwhile, the electronic signature has an expiration date, which is set so as to cope with a compromise or the like of an encryption algorithm used in the signature or the like.
Even before the expiration date, the electronic signature may expire at the signatory's convenience, or all certificates following a root certificate may expire if the secret key is omitted.
Accordingly, in order to cope with the above-described problem, an electronic signature format (hereinafter referred to as a long-term signature format) for perpetuating the validity of an electronic signature has been specified, as in PTL 1.
In the long-term signature format, a document time stamp, which is a time stamp having an expiration date later than that of the electronic signature, is applied to the electronic data to be stored and to the electronic signature, thereby securing the legitimacy of the electronic data even after the expiration date of the electronic signature has elapsed.
Before the expiration date of the document time stamp elapses, a second-generation document time stamp having an expiration date later than that of the document time stamp is applied to extend the expiration date. Thereafter, the expiration date is extended in the same way with the third generation, the fourth generation, and so on, making it possible to verify that the electronic data has not been falsified over a long period of time.
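The generation-by-generation extension described above can be illustrated with the following added example, which is not part of the original document or of any long-term signature standard's reference code. It assumes a simplified year-based clock, constructed sample data, and an HMAC as a stand-in for the time stamp authority's signature; all names are hypothetical.

```python
import hashlib, hmac
from dataclasses import dataclass

TSA_KEY = b"constructed-demo-key"  # assumption: HMAC stands in for the TSA's signature

@dataclass(frozen=True)
class DocTimeStamp:
    issued: int    # year the stamp was applied (constructed, simplified clock)
    expires: int   # year the stamp itself expires
    digest: bytes  # hash over data, signature and all earlier stamps
    token: bytes   # toy TSA token binding digest, issued and expires

def _covered(data, signature, earlier):
    # Length-prefix each part so concatenations cannot be confused.
    h = hashlib.sha256()
    parts = [data, signature] + [f"{s.issued}|{s.expires}".encode() + s.digest + s.token for s in earlier]
    for p in parts:
        h.update(len(p).to_bytes(8, "big") + p)
    return h.digest()

def _token(digest, issued, expires):
    return hmac.new(TSA_KEY, digest + f"|{issued}|{expires}".encode(), hashlib.sha256).digest()

def add_stamp(data, signature, stamps, issued, expires):
    """Apply the next-generation document time stamp over everything so far."""
    d = _covered(data, signature, stamps)
    return stamps + [DocTimeStamp(issued, expires, d, _token(d, issued, expires))]

def verify_chain(data, signature, sig_expires, stamps, now):
    """Walk generations oldest first; return (ok, reason)."""
    prev_expiry = sig_expires
    for gen, ts in enumerate(stamps, start=1):
        if ts.digest != _covered(data, signature, stamps[:gen - 1]):
            return False, f"generation {gen}: covered content was altered"
        if not hmac.compare_digest(ts.token, _token(ts.digest, ts.issued, ts.expires)):
            return False, f"generation {gen}: time stamp token invalid"
        if ts.issued >= prev_expiry:
            return False, f"generation {gen}: applied after previous expiry"
        if ts.expires <= prev_expiry:
            return False, f"generation {gen}: does not extend validity"
        prev_expiry = ts.expires
    if now >= prev_expiry:
        return False, "latest protection has expired"
    return True, "valid"

if __name__ == "__main__":
    doc, sig = b"constructed contract text", b"constructed signature bytes"
    chain = add_stamp(doc, sig, [], issued=2024, expires=2034)
    chain = add_stamp(doc, sig, chain, issued=2033, expires=2043)
    print(verify_chain(doc, sig, 2025, chain, now=2040))
```

Each generation must be applied while the previous protection is still valid; a stamp applied after the previous expiry breaks the chain even if its own token verifies.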
In the related art, however, in order to receive a long-term signature service, a user needs to deliver his/her secret key for use in an electronic signature or original data of electronic data to a long-term signature service provider, and there is a problem in that confidential information (secret key and original data) should be sent to the outside.
Otherwise, when the user performs a long-term signature without receiving the long-term signature service, there is a need to construct a long-term signature system on the user side and to perform operations such as certificate management, time stamp acquisition, and expiration information acquisition.